Socket.ssl

From Yate Documentation
(Difference between revisions)
Jump to: navigation, search
Line 1: Line 1:
  
The socket.ssl message is sent by a module requesting to turn a regular TCP socket into a SSL/TLS encrypted one.
+
The '''socket.ssl''' message is sent by a module requesting to turn a regular TCP socket into a SSL/TLS encrypted one.
  
 
Parameters
 
Parameters

Revision as of 17:19, 14 November 2012

The socket.ssl message is sent by a module requesting to turn a regular TCP socket into a SSL/TLS encrypted one.

Parameters

server
Boolean value requesting to negotiate SSL as server. Defaults to false if missing (negotiate as client)
verify
Keyword describing if and when the remote certificate is to be verified
  • none - Don't ask for a certificate, don't stop if verification fails (default)
  • peer - Certificate is verified only if provided (a server always provides one)
  • only - Server only - verify client certificate only if provided and only once
  • must - Server only - client must provide a certificate at every (re)negotiation
  • once - Server only - client must provide a certificate only at first negotiation
context
Name of the SSL server context to use to secure the connection, if set overrides the domain parameter
domain
The domain used ti identify the SSL server context, used only if context isn't set explicitly
test
Boolean value requesting a test only (no socket replace). Defaults to false if missing

NOTE: The message's user data object must be able to return a "Socket*" object. This must point to a pointer to the Socket object to modify. On a successful return the original Socket object is destroyed and replaced with a derived object with SSL capabilities. The pointer to the new object is placed into the provided pointer.

Personal tools
Namespaces

Variants
Actions
Preface
Configuration
Administrators
Developers